Nessus, Snort, and Ethereal Power Tools

Customizing Open Source Security Applications

  • 1st Edition - September 14, 2005
  • Latest edition
  • Authors: Brian Caswell, Jay Beale, Gilbert Ramirez, Noam Rathaus
  • Language: English

Description

Nessus, Snort, and Ethereal Power Tools covers customizing Snort to perform intrusion detection and prevention; Nessus to analyze the network layer for vulnerabilities; and Ethereal to sniff the network for malicious or unusual traffic. The book contains an appendix detailing the best of the remaining open source security tools. Each of these tools is intentionally designed to be highly customizable so that users can torque the programs to suit their particular needs. Users can code their own custom rules, plug-ins, and filters that are tailor-made to fit their own networks and the threats they most commonly face. The book describes the most important concepts of coding and customizing tools, and then provides readers with invaluable working scripts that can either be used as is or further refined by using knowledge gained from the book.

Key features

  • Snort, Nessus, and Ethereal are the three most popular open source security tools in the world
  • Only book that teaches readers how to customize these tools for their specific needs by coding rules, plugins, and filters
  • Companion Web site provides all working code and scripts from the book for download

Table of contents

Part I: Nessus Tools
The Inner Workings of NASL
Debugging NASLs; Extensions and Custom Tests
Understanding the Extended Capabilities of the Nessus Environment
Analyzing GetFileVersion and MySQL Passwordless Test
Automating the Creation of NASLs

Part II: Snort Tools
The Inner Workings of Snort
Snort Rules
Plugins and Preprocessors
Modifying Snort

Part III: Ethereal Tools
Capture File Formats
Protocol Dissectors
Reporting from Ethereal

Appendix A Host Integrity Monitoring Using Osiris and Samhain

Product details

  • Edition: 1
  • Latest edition
  • Published: September 14, 2005
  • Language: English

About the authors

Brian Caswell

Affiliations and expertise
Snort.org webmaster, USA

Jay Beale

Affiliations and expertise
Series Editor of the Jay Beale Open Source Security Series, lead developer of the Bastille project, Seattle, WA

Gilbert Ramirez

Affiliations and expertise
Author, Snort 2.1 Intrusion Detection

Noam Rathaus

Noam Rathaus is the co-founder and CTO of Beyond Security, a company specializing in the development of enterprise-wide security assessment technologies, vulnerability assessment-based SOCs (security operation centers) and related products. He holds an electrical engineering degree from Ben Gurion University, and has been checking the security of computer systems from the age of 13. Noam is also the editor-in-chief of SecuriTeam.com, one of the largest vulnerability databases and security portals on the Internet. He has contributed to several security-related open-source projects including an active role in the Nessus security scanner project. He has written over 150 security tests to the open source tool's vulnerability database, and also developed the first Nessus client for the Windows operating system. Noam is apparently on the hit list of several software giants after being responsible for uncovering security holes in products by vendors such as Microsoft, Macromedia, Trend Micro, and Palm. This keeps him on the run using his Nacra Catamaran, capable of speeds exceeding 14 knots for a quick getaway.
Affiliations and expertise
Co-founder and CTO, Beyond Security, Israel, Microsoft Events Insider
